(54) Security of remote computing devices

(57) A management information system (11) provides
protection for a remote computer (16-21). When a
determination is made to invoke protection of the
remote computer (16-21) the management information
system (11) contacts the remote computer (16-21) using
a communication path (10,12-15,22). The management
information system (11) instructs the remote computer
(16-21) through the communication path (10,12-15,22)
to perform an action to protect the remote computer
(16-21). The remote computer (16-21) performs the
action to protect the remote computer (16-21). For
example, the action is to lock the remote computer
(16-21) to prevent unauthorized use. Alternatively the
action is to erase or encrypt data within the remote
computer (16-21) to prevent unauthorized access to the
data.

Description

Background

The present invention concerns management of 
computing devices and pertains particularly to providing 
security for remote computing devices. 

Management information systems (MIS) are used 
to manage computing devices by monitoring and check- 
ing inventory, taking the current status of machine con- 
figurations (such as current memory configurations, 
hard drive capacity, RAM, CPU and other upgrades) as 
well as to monitor usage patterns. An MIS console 11 
for an MIS system generally utilizes a desktop manage- 
ment interface (DMI) located within each personal com- 
puter (PC) or server. DMI is a standard interface which 
handles communication between management applica- 
tions and all the manageable elements on or attached 
to a personal computer or server. DMI provides the com- 
munication between any management application and 
the manageable elements on a system. Within the DMI, 
the standard way of describing elements is provided by 
the management information format (MIF). The MIF is 
a prescribed grammar and syntax to an element's man- 
ageable attributes. MIF files are standard at the group 
level and at the element level, so common aspects of 
many different elements can be provided by using 
standard MIF files and MIF groups. Standard MIF files 
and groups exist for many common elements. 

Within the DMI, a service layer is a program, running
on the local machine or personal computer, that
collects information from elements, manages that
information in the MIF database, and passes the
information to management applications as requested.
The service layer controls communication between
itself and management applications by means of a
management interface (MI) and between itself and
manageable elements by means of a component interface
(CI). For example, a service layer interface for
Windows 3.1X operating system is available from Intel
Corporation, having a business address of 2200 Mission
College Boulevard, Santa Clara, California 95050.

Within the DMI, management applications are re- 
mote or local programs used for changing, interrogating, 
controlling, tracking and listing the elements of a sys- 
tem. A management application can be a local diagnos- 
tics or installation program, or a remote agent which re- 
directs information from the DMI service layer over a 
network. 

Manageable elements are hardware, software or
peripherals that occupy or are attached to a personal
computer or network server. For instance manageable
elements include hard disks, word processors, CD-ROMs,
printers, motherboards, operating systems,
spreadsheets, graphics cards, sound cards, or modems.
Each element provides information to the MIF database
by means of an MIF file which contains the pertinent
management information for that element. The
information in the MIF file is compiled into the MIF
database when the element is installed.

MIS managers can query individual machines to access
DMIs and MIF databases on individual machines in order
to obtain current information stored therein. Based on
this information, MIS managers can schedule upgrades
for outdated hardware and software configurations.

While an MIS has been used effectively to manage PCs
and servers interconnected by a local area network
(LAN), there has been no similar effective strategy to
manage devices which are not connected to a LAN. For
example, there is no effective strategy to manage
portable computers which are seldom or never
permanently connected to a LAN. Yet with the
proliferation of the usage of portable computers, it is
desirable to include such devices within an MIS.

Summary of the Invention 

In accordance with a preferred embodiment of the 
present invention, a management information system 
provides protection for a remote computer. When a de- 
termination is made to invoke protection of the remote 
computer, for example when the remote computer is lost 
or stolen, the management information system contacts the
remote computer using an alternate communication 
path. For example the communication path could be a 
wireless communication path such as via a two-way 
pager or a cellular telephone link. Alternatively, the com- 
munication path could be wired, for example, via the in- 
ternet upon next connection or contact. The manage- 
ment information system instructs the remote computer 
through the communication path to perform an action to 
protect the remote computer. The remote computer per- 
forms the action to protect the remote computer. For ex- 
ample, the action is to lock the remote computer to pre- 
vent unauthorized use. Alternatively, the action is to 
erase or encrypt data within the remote computer to pre- 
vent unauthorized access to the data. 

Brief Description of the Drawings 

Figure 1 shows the connected relationship between 
a management information system (MIS) console and a 
portable computer in accordance with a preferred em- 
bodiment of the present invention. 

Figure 2 shows a management information system 
(MIS) which includes portable computers in accordance 
with a preferred embodiment of the present invention. 

Figure 3 shows an enhanced desktop management 
interface (DMI) which has been modified for use in a 
portable computer in accordance with a preferred em- 
bodiment of the present invention. 

Figure 4 shows an enhanced desktop management
interface (DMI) which has been modified for use in a
portable computer in accordance with an alternate
preferred embodiment of the present invention.

Figure 5 shows a table within an MIS console which is
used to select a communication path to managed
elements in accordance with a preferred embodiment of
the present invention.

Figure 6 shows a table within a personal computer 
which is used to select a communication path to an MIS 
console in accordance with a preferred embodiment of 
the present invention. 

Figures 7A and 7B are a flowchart which illustrates
remote code update of a remote computer in accord- 
ance with a preferred embodiment of the present inven- 
tion. 

Figures 8A and 8B are a flowchart which illustrates 
the establishment of communication with a remote com- 
puter in accordance with a preferred embodiment of the 
present invention. 

Figures 9A and 9B are a flowchart which illustrates 
actions taken when a remote computer is reported lost 
or stolen in accordance with a preferred embodiment of 
the present invention. 

Figure 10 is a flowchart which illustrates the use of
remote management to initialize software metering in 
accordance with a preferred embodiment of the present 
invention. 

Figure 11 is a flowchart which illustrates one type 
of software metering (periodic time style) initialized us- 
ing remote management in accordance with a preferred 
embodiment of the present invention. 

Figure 12 is a flowchart which illustrates another 
type of software metering (counter style) initialized using 
remote management in accordance with a preferred 
embodiment of the present invention. 

Figure 13 is a flowchart which illustrates another 
type of software metering (timed use style) initialized us- 
ing remote management in accordance with a preferred 
embodiment of the present invention. 

Figure 14 is a flowchart which illustrates another 
type of software metering (interactive style) initialized 
using remote management in accordance with a pre- 
ferred embodiment of the present invention. 

Figure 15 is a flowchart which illustrates control of 
software metering when a coupon is expired in accord- 
ance with a preferred embodiment of the present inven- 
tion. 

Description of the Preferred Embodiment 

Figure 1 shows a management information system 
(MIS) console 11 connected through an interconnection 
10 to a portable computer 16. The dotted line between 
interconnection 10 and portable computer 16 indicates 
that portable computer 16 may be only intermittently 
available through interconnection 10. Interconnection 
10 may include any combination of communications 
technology. For example, interconnection may include 
one, or a combination of, a local area network, a wide 
area network, the internet, the world wide web, a public 
telephone system, a private telephone system, a modem,
a paging network system, radio frequency transmission,
a cellular phone system, and so on.

For example, Figure 2 shows a management information
system (MIS) which includes MIS console 11 and a
network access 12. Network access 12 is, for example,
a network server, a network provider, an internet
access or a world wide web access. Network access 12
is connected through a local area network (LAN) 22 to
a portable computer 20 and a computer 21. Based on the
discretion of the user of portable computer 20,
portable computer 20 may or may not be permanently
attached to LAN 22. In addition to portable computer
20 and computer 21, other personal computers, servers
and portable computers may be connected to LAN 22.

Network access 12 is connected to a telephone system
14 through a modem 13. A portable computer 17 and a
portable computer 18 utilize telephone system 14 to
connect to network access 12 and, when connected, are
available to MIS console 11.

A paging network server 15 is connected to telephone
system 14. Through two-way paging network server 15,
MIS console 11 is able to contact portable computer
16. Use of two-way paging network server 15 has the
advantage of making portable computer 16 always
available to MIS console 11.

A portable computer 19 is not connected to any network
and is thus currently unavailable to MIS console 11.
Once portable computer 19 is connected to LAN network
22, telephone system 14 and/or paging network server
15, MIS console 11 will be able to access portable
computer 19.

Enhanced Desktop Management Interface 

Figure 3 illustrates an enhanced desktop management
interface (DMI) located within each of personal
computers 16 through 20. Within the DMI, a service
layer 30 collects information from elements, manages
that information in an MIF database 33, and passes the
information to management applications as requested.

Service layer 30 controls communication between itself
and management applications by means of a management
interface (MI) 31 and between itself and manageable
elements by means of a component interface (CI) 32.

Management applications are remote or local programs
for changing, interrogating, controlling, tracking and
listing the elements of a system. A management
application can be a local diagnostics or installation
program, or a remote agent which redirects information
from DMI service layer 30 over a network. For example,
in Figure 3, management interface 31 is shown to
interface to a support management application 34, a
DMI application 35, a LAN management application 36
and a setup program 37. Management interface 31 also
interfaces to other management applications, as
represented by an other management application 38.

Manageable elements are hardware, software or
peripherals that occupy or are attached to a portable
computer. For example, in Figure 3, component
interface 32 is shown interfacing with a word
processor 41, a hard disk 42 and a CD-ROM 43.
Component interface 32 also interfaces to other
manageable elements, as represented by other element
45.

Within management information format (MIF) database 33
there are stored MIF files for the manageable elements
and the management applications.

A communication management application 39, connected
to management interface 31, and a communication device
44, connected to component interface 32, are added to
the DMI in order to provide an alternate communication
path for MIS. Communication device 44 is, for example,
a two-way pager. Alternately, communication device 44
is a modem, a radio frequency transceiver or some
other connection to a communication medium which
allows the personal computer to establish contact with
an MIS console 11. In some embodiments of the present
invention, communication can be one-way, for example,
implemented using a one-way pager. Communication
through communication device 44 is controlled by
communication management application 39.

The existence of an alternate communication path 
for MIS increases flexibility for an MIS manager. In ef- 
fect, the existence of the alternate communication path 
for MIS allows an MIS manager to manage portable 
computers and other devices which are not directly con- 
nected to a LAN. The alternate communication path can 
be used, for example, by the MIS manager to direct a 
managed portable computer of the need to connect to 
a primary communication path in order to receive an up- 
date. 

Figure 4 illustrates an alternate structure for the en- 
hanced desktop management interface (DMI) shown in 
Figure 3. In Figure 4, a communication management ap- 
plication 50 is connected to each of the management 
applications. For example, as shown in Figure 4, com- 
munication management application 50 is connected to 
support management application 34, DMI application 
35, LAN management application 36 and setup program 
37. Communication management application 50 also in- 
terfaces to other management applications, as repre- 
sented by other management application 38. 

Communication management application 50 selects a
communication path to MIS console 11. For example,
communication management application 50 uses an LAN
interface 51, a modem interface 52 or a two-way pager
interface 53 to establish a communication path to MIS
console 11. Alternately communication device 44 is a
modem, or some other connection to a communication
medium which allows the personal computer to establish
contact with an MIS console 11.

Within communication management application 50, the
available communication paths are priority ranked. For
example, the communication management application 50
will communicate with MIS console 11 over LAN 22 when
the personal computer is connected to LAN 22. If
communication management application 50 is not
connected to an LAN with access to MIS console 11,
communication management application 50 will establish
contact with MIS console 11 over public telephone
system 14 using modem interface 52. If communication
management application 50 is not connected to an LAN
with access to MIS console 11 and access over public
telephone system 14 using modem interface 52 is not
available, communication management application 50
will establish contact with MIS console 11 using
two-way pager interface 53 to make contact with paging
network server 15.

Because the rate of data transfer between MIS console
11 and the personal computer depends upon which
communication path is used, there are some
transactions which are restricted, depending on the
communication path. For example, when contact with MIS
console 11 is established using two-way pager
interface 53 to make contact through paging network
server 15, major downloads of software from MIS
console 11 or major uploads of database data from MIS
console 11 are not performed.

Figure 5 shows a table 60 within MIS console 11 which
lists various devices managed by MIS console 11. For
each managed device, in descending order of priority,
the potential communication path types are listed. For
each potential path type, an address, cost, throughput
rate and expected response time are listed.

Specifically, as shown in Figure 5, a column 61 of
table 60 lists the device by device number. In column
61, portable computer 16, portable computer 17,
portable computer 18, portable computer 19, portable
computer 20 and computer 21 are listed.

In a column 62 of table 60, various communication path
types are listed for each listed device. For the
example shown in Figure 5, each listed device can be
contacted using one or more of the following path
types: LAN, MODEM, PAGER. The path type of LAN
indicates that MIS console 11 can contact the device
through LAN 22 or some other LAN. The path type of
MODEM indicates that MIS console 11 can contact the
device through telephone system 14. The path type of
PAGER indicates that MIS console 11 can contact the
device through paging network server 15.

In a column 63 of table 60, the address of the device
over the communication path is listed. This address is
specific to the particular device.

In a column 64 of table 60, a cost code is listed which
indicates for the listed device a cost for the
connection. This cost code is used by MIS console 11
to determine whether, for a particular management
operation, it is desirable to utilize this
communication path to perform the management
operation, depending upon urgency. In Figure 5, there
are three cost codes listed. For example, the TIME DEP
cost code indicates that the particular cost is time
dependent. In this case, there is a very low cost for
performing a management operation in off hours, and a
higher cost for performing the management operation in
normal working hours. Thus, unless it is important to
perform a particular management operation immediately,
MIS console 11 can elect to perform the management
operation at a later time. The MODEM cost code is the
cost code assigned when telephone system 14 is used to
complete the call. Generally, the MODEM cost is higher
than the TIME DEP cost. The PAGER cost code is the
cost code assigned when paging network server 15 is
used to complete the call. Generally, the PAGER cost
is higher than the MODEM cost. Other alternative
communication methods also can be ranked accordingly.

In a column 65 of table 60, a throughput rate is listed
which indicates for the listed device a throughput
rate for the particular communication path. For
communication paths through telephone system 14, the
throughput rate can vary based on the throughput rate
of a modem installed within the device.

In a column 66 of table 60, a response time is listed 
which indicates an expected response time for the de- 
vice to respond when contacted through the particular 
communication path. Alternately, the listed response 
time indicates a maximum allowed response time for the 
device to respond when contacted through the particular 
communication path. When the device fails to respond, 
this indicates to MIS console 11 that the device is not 
available to be contacted through the chosen commu- 
nication path. MIS console 11 can then choose to at- 
tempt connection through an alternate communication 
path for the device, try the same communication path at 
another time, or abandon the attempt to contact the de- 
vice. 
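
The path selection that table 60 supports can be sketched as follows. This is an added example, not code from the patent; the table rows, the numeric cost ranks, the `bulk`/`urgent`/`max_cost` fields and the `probe` callback are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    kind: str               # column 62: "LAN", "MODEM" or "PAGER"
    address: str            # column 63
    cost_code: str          # column 64: "TIME DEP", "MODEM" or "PAGER"
    throughput_bps: int     # column 65
    response_time_s: float  # column 66, read as maximum allowed response time


@dataclass(frozen=True)
class Operation:
    name: str
    bulk: bool = False      # major software download or database transfer
    urgent: bool = False    # e.g. locking a computer reported lost or stolen
    max_cost: int = 3       # highest cost rank a non-urgent operation accepts


# Constructed rows in the shape of table 60, per device in descending
# priority. Addresses, rates and times are made up for this example.
TABLE_60 = {
    16: [Path("PAGER", "pager-0016", "PAGER", 2_400, 120.0)],
    18: [Path("LAN", "lan-pc18", "TIME DEP", 10_000_000, 2.0),
         Path("MODEM", "tel-0018", "MODEM", 28_800, 45.0),
         Path("PAGER", "pager-0018", "PAGER", 2_400, 120.0)],
}


def cost_rank(path, working_hours):
    """Assumed ordering: TIME DEP off hours < TIME DEP working hours
    < MODEM < PAGER, following the 'generally higher' ranking in the text."""
    if path.cost_code == "TIME DEP":
        return 1 if working_hours else 0
    return {"MODEM": 2, "PAGER": 3}[path.cost_code]


def select_path(device, op, probe, working_hours):
    """Walk the device's paths in priority order.

    probe(path) returns the observed response time in seconds, or None
    when the device never answers on that path.
    Returns (action, path, skipped); action is "use" or "queue".
    """
    skipped = []
    for path in TABLE_60.get(device, []):
        # Major transfers are not performed over the paging network.
        if op.bulk and path.kind == "PAGER":
            skipped.append((path.kind, "restricted"))
            continue
        # Cost only matters when the operation can wait.
        if not op.urgent and cost_rank(path, working_hours) > op.max_cost:
            skipped.append((path.kind, "cost"))
            continue
        elapsed = probe(path)
        if elapsed is None or elapsed > path.response_time_s:
            skipped.append((path.kind, "no response"))
            continue
        return "use", path, skipped
    # Nothing usable now: try again at another time.
    return "queue", None, skipped


def make_probe(observed):
    """Build a probe from constructed per-path response times."""
    return lambda path: observed.get(path.kind)


if __name__ == "__main__":
    lock = Operation("lock", urgent=True)
    action, path, skipped = select_path(
        18, lock, make_probe({"MODEM": 30.0, "PAGER": 90.0}), True)
    print(action, path.kind if path else None, skipped)
```

An urgent operation ignores cost and takes the first path that answers in time, while a bulk transfer is queued rather than sent through the pager.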

Likewise, the individual personal computers can 
similarly prioritize data communication paths for con- 
tacting MIS console 11 to initiate or respond to signifi- 
cant MIS events such as hardware failure warnings. Up- 
on detection of a significant event, communications 
management application 50 can inform the user of the 
personal computer of the event or can automatically 
contact MIS console 11 through an available communi- 
cation data path. 

For example, Figure 6 shows a table 70 within personal
computer 18 which lists, in descending order of
priority, the potential communication path types to
MIS console 11. For each potential path type, an
address, cost, throughput rate and expected response
time are listed.

Specifically as shown in Figure 6, in a column 72 
of table 70, various communication path types are listed. 
For the example shown in Figure 6, personal computer 
18 can contact MIS console 11 through the following 
path types: LAN, MODEM, PAGER. 

In a column 73 of table 70, the address of MIS console
11 over the communication path is listed. This address
is specific to MIS console 11.

In a column 74 of table 70, a cost code is listed which
indicates for the listed device a cost for the
connection. This cost code is used by the portable
computer to determine whether, for a particular
management operation, it is desirable to utilize this
communication path to perform the management
operation, depending upon urgency. In Figure 6, there
are three cost codes listed, as further discussed
above.

In a column 75 of table 70, a throughput rate is listed
which indicates for the listed device a throughput
rate for the particular communication path. For
communication paths through telephone system 14, the
throughput rate can vary based on the throughput rate
of a modem installed within the device.

In a column 76 of table 70, a response time is listed
which indicates an expected response time for the
device to respond when contacted through the
particular communication path. Alternately, the listed
response time indicates a maximum allowed response
time for the device to respond when contacted through
the particular communication path. When the device
fails to respond, this indicates to portable computer
18 that MIS console 11 is not available to be
contacted through the chosen communication path.
Portable computer 18 can then choose to attempt
connection to MIS console 11 through an alternate
communication path, try the same communication path at
another time, or abandon the attempt to contact MIS
console 11.

Using alternate communication paths to manage portable
computers and other devices offers some significant
advantages. For example, code updates can be
downloaded to devices even when they are not
physically attached to any network. Additionally,
management access to a computing device is a
significant security feature. For example, sensitive
data can be erased from a lost or stolen computing
device. Similarly, a lost or stolen computing device
can be instructed not to boot up. Also, the alternate
communication path could be used as an alarm to
indicate to a manager that the computing device has
been disconnected from a network without
authorization.

Also, the alternate communication path can be utilized
as a low speed network for data communication, even
allowing e-mail or low-throughput connection to the
internet.

Remote Code Update/Installation 

Figures 7A and 7B are a flowchart which illustrates
remote code update of a remote computer in accordance
with a preferred embodiment of the present invention.
The same process may be used for installation of
software on a remote computer. A left half 79 of the
flow chart shows the activity of an MIS system. A right
half 80 of the flow chart shows the activity of a
remote computer.

In a step 81, the MIS system initiates a request to
verify software versions on the remote computer. In a
step 82, the MIS system establishes communication with
the remote computer. In a step 83, the remote computer
receives a valid message request. In a step 84, an
internal check of the remote computer is made to
determine whether the host processor within the remote
computer is powered up. In a step 85, if the remote
computer is asleep, it is awakened. In a step 86, the
remote computer acknowledges to the MIS system that
the remote computer is connected and ready for further
transmissions.

In a step 87, the MIS system determines whether 
there is a valid connection. If there is not a valid connec- 
tion, in a step 88, the MIS system queues the request 
for a later attempt. If in step 87, the MIS system deter- 
mines there is a valid connection, in a step 89, the MIS 
system requests from the remote computer the version 
number of the image of the software on the hard drive 
of the remote computer. In a step 90, the remote com- 
puter processes the requests and forwards the request- 
ed data to the MIS system. In a step 91 the data is re- 
ceived from the remote computer by the MIS system. 

In a step 92, the MIS system determines whether the
image needs upgrading. If upgrading is needed, in a
step 93, the MIS system determines whether the
connection is appropriate for the action. If the
connection is appropriate for the action, in a step
94, the MIS system begins to download the new files to
the remote computer. In a step 99 the remote computer
downloads the files into separate area checks. In a
step 100, the remote computer displays a note to the
user about the results of the action. In a step 101,
the remote computer acknowledges the operation to the
MIS system. In a step 102, the remote computer
requests the user to close files and reboot the remote
computer.

If in step 93, the MIS system determines that the 
connection is not appropriate for the action, in a step 95, 
the MIS system leaves a note to request appropriate 
correction of user through an appropriate connection. In 
a step 96, the MIS system queues a remote request for 
the next appropriate connection. 

When the MIS system is ready to close the connec- 
tion, in a step 97, the MIS system updates its data base 
information on the customer. In a step 98, the MIS sys- 
tem removes the communication link with the remote 
computer. In a step 103, the remote computer removes 
its communications link with the MIS system. 

Establishing Connection with a Remote Computer 

Figures 8A and 8B are a flowchart which illustrates the
establishment of communication with a remote computer
in accordance with a preferred embodiment of the
present invention. A left half 110 of the flow chart
shows the activity of an MIS system. A right half 111
of the flow chart shows the activity of a remote
computer.

In a step 112, the MIS system searches the LAN to which
the MIS system is connected in order to determine
whether the target remote computer is connected to
that LAN. In a step 113, the MIS system determines
whether the remote computer is connected to the LAN. If
the remote computer is connected to the LAN, in a step
114, the MIS system establishes connection with the
remote computer. In a step 115, the remote computer
acknowledges the connection. In a step 116, the
connection is completed.

If in step 113, the MIS system determines the remote
computer is not connected to the LAN, in a step 117,
the MIS system initiates an alternative path to the
remote computer which requests the status of the
remote computer and the various connection paths or
types which could be used by the MIS system to connect
to the remote computer. For example, the alternative
path could be a page or a telephone connection. In a
step 118, the remote computer responds with its
current connection capabilities.

In a step 119 the MIS system selects the appropriate
type connection for the particular activity required.
In a step 120, the MIS system determines whether the
appropriate connection type is an LAN. If so, in a
step 121, the MIS system establishes a link profile.
The link profile indicates, for example, whether the
link is fast, has a small delay, or is inexpensive. In
a step 122, the remote computer establishes an LAN
connection with the MIS system. In a step 123, the MIS
system determines whether the appropriate connection
type is a telephone system. If so, in a step 124, the
MIS system establishes a link profile. The link
profile indicates, for example, whether the link is
fast, has a small delay, or is inexpensive. In a step
125, the remote computer establishes a telephone
connection with the MIS system.

In a step 126, the MIS system determines whether the
appropriate connection type is a pager. If so, in a
step 127, the MIS system establishes a link profile.
The link profile indicates, for example, whether the
link is fast, has a small delay, or is inexpensive. In
a step 128, the remote computer determines whether
reception is acceptable to establish the link. If
reception is unacceptable, in a step 130, the remote
computer denies the request for a link.

When a link has been established in step 122, 125 or
128, in a step 132, the remote computer verifies to
the MIS system that the connection is established. In
a step 133, the connection is complete. As will be
understood by persons of ordinary skill in the art, in
addition to the connection types shown, other
connection technologies may also be used to establish
a link.

When there is no appropriate type of link available
for connection, in a step 129, the MIS system queues
requests for the remote computer for a later attempt.
In a step 131, the MIS system notes that the
connection is incomplete.

Computer Security 

Figures 9A and 9B are a flowchart which illustrates
actions taken when a remote computer is reported lost
or stolen in accordance with a preferred embodiment of
the present invention. A left half 140 of the flow
chart shows the activity of an MIS system. A right
half 141 of the flow chart shows the activity of a
remote computer.

In a step 142, the computer is reported stolen or lost
by the owner. In a step 143, a verification of the
report is made to determine the legitimacy of the
report. Steps 142 and 143 are performed, for example,
by an operator or manager of the MIS system. In a step
144, the MIS system establishes communication with the
remote (stolen or lost) computer. In a step 145, the
remote computer receives a valid message request. In a
step 146, an internal check of the remote computer is
made to determine whether the host processor within
the remote computer is powered up. In a step 147, if
the remote computer is asleep, it is awakened. In a
step 148, the remote computer acknowledges to the MIS
system that the remote computer is connected and ready
for further transmissions.

In a step 149, the MIS system determines whether
there is a valid connection. If there is not a valid
connection, in a step 150, the MIS system queues the request
for a later attempt. If in step 149, the MIS system
determines there is a valid connection, in a step 151, the MIS
system initiates a command to lock the computer and/or
to encrypt or erase the data of the user. In a step 152,
the remote computer responds by locking the computer
and/or encrypting or erasing the data of the user. In a
step 153, the remote computer acknowledges the
command has been completed. In a step 154, the MIS
system removes the connection. In a step 155, the remote
computer disconnects the link.
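
The patent does not say how the remote computer decides that a message request is valid. The following added example (not part of the patent) walks the exchange of steps 144 to 153 under the assumption that a valid request carries an HMAC-SHA256 tag over a message counter and the action, keyed with a secret shared between the MIS console and the device; all class and function names are hypothetical.

```python
import hashlib
import hmac

ACTIONS = {"lock": "locked", "encrypt": "encrypted", "erase": "erased"}

def sign(key: bytes, counter: int, action: str) -> bytes:
    """Tag binding the action to a shared key and a message counter."""
    return hmac.new(key, f"{counter}|{action}".encode(), hashlib.sha256).digest()

class RemoteComputer:
    def __init__(self, key: bytes, reachable: bool = True):
        self.key, self.reachable = key, reachable
        self.awake = False          # host processor may be asleep (step 146)
        self.last_counter = 0       # highest counter accepted so far
        self.state = "normal"

    def handle(self, counter: int, action: str, tag: bytes) -> str:
        # Step 145: act only on a valid request (known action, fresh counter,
        # correct tag); anything else is refused without changing state.
        valid = (action in ACTIONS and counter > self.last_counter
                 and hmac.compare_digest(tag, sign(self.key, counter, action)))
        if not valid:
            return "rejected"
        self.last_counter = counter
        self.awake = True                   # step 147: wake the host if asleep
        self.state = ACTIONS[action]        # step 152: lock, encrypt or erase
        return "done"                       # step 153: acknowledge completion

class MISConsole:
    def __init__(self, key: bytes):
        self.key, self.counter, self.queue = key, 0, []

    def protect(self, remote: RemoteComputer, action: str) -> str:
        if not remote.reachable:            # step 149: no valid connection
            self.queue.append((remote, action))   # step 150: queue for later
            return "queued"
        self.counter += 1                   # step 151: issue the command
        tag = sign(self.key, self.counter, action)
        return remote.handle(self.counter, action, tag)

    def retry(self) -> list:
        """Re-send every queued request; unreachable devices are queued again."""
        pending, self.queue = self.queue, []
        return [self.protect(remote, action) for remote, action in pending]
```

Because an erase command is destructive, the device refuses a replayed or mis-keyed message and leaves its state unchanged.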

Software Metering 

Figures 10 through 15 illustrate flow for various
types of software metering which can be done using
remote management. Software metering provides for
limits, of one sort or another, on the use of software. As
illustrated below, various types of metering can be used.
The flexibility allows for various applications such as, for
example, timed examinations, games with various
levels and trial periods.

Figure 10 is a flowchart which illustrates the use of
remote management to initialize software metering in
accordance with a preferred embodiment of the present
invention. In a step 161, a request for activation,
re-activation or change of parameters in software is made. This
can be initiated by a user using the computer system.
Alternatively, as illustrated by a step 164, a remote
management entity (e.g., a manager of information systems
or an instructor) can initiate a new parameter session.
The remote management entity initiates change, for
example, when it is necessary to update computer
systems where a site license has superseded terms for
individual licenses.

Once the request for activation, re-activation or
change of parameters in software is made, in a step 162,
the terms of the activation, re-activation or change of
parameters are agreed upon by the computer system and
the remote management. The terms include, for
example, method of payment and the style of software
metering which is to be used. Once an agreement on terms
is reached, in a step 163, a user of the computer system
is notified, for example, by an activation message or an
activation page being sent to the computing system and
appropriately displayed or made available to the user.
In a step 163 a coupon is activated in accordance with
the terms agreed upon in step 162.

Various styles of software metering may be used,
as illustrated by the flowcharts in Figures 10, 11, 12 and
13. Figure 11 is a flowchart which illustrates a style of
software metering which allows usage of software for a
set period of time. This style of software metering is
useful, for example, to allow a user a trial period for
software. In this style of software metering, after the coupon
is activated in step 165, in a step 171, an end date is set
after which a user will not be allowed to access the
software. In a step 172, when a user attempts to access the
software, in a step 173, a check is made to see whether
the current date is the end date or after the end date. If
the current date is not the end date or after the end date,
access to the software is allowed to continue. After a set
time of delay, as illustrated in a step 175, the current
date is checked again in step 173, to check whether the
current date is the end date or after the end date.

When in step 173, it is determined that the current
date is the end date or after the end date, in a step 174,
it is recognized that the end date has arrived. In a step
176, the coupon allowing usage of the software is
expired. This is handled as is illustrated by Figure 15
below.

Figure 12 is a flowchart which illustrates a style of
software metering which allows usage of software for a
set number of times. This style of software metering is
useful, for example, to allow a user to test software on
a trial basis. In this style of software metering, after the
coupon is activated in step 165, in a step 181, a counter
parameter is set. After the count has been met, a user
will not be allowed to access the software. In a step 182,
when a user uses the computer, if it is detected in a step
183, that the user has accessed the software, the
counter is decremented (or incremented depending upon the
implementation). In a step 185, a check is made to see
whether the counter parameter has reached the final
count (in the example shown in Figure 12, the final count
is 0). If the counter parameter has not reached the final
count, the user is allowed to utilize the software. In a
step 187, user activity is monitored to determine when
the software has been exited. When the software is exited,
the flow returns to step 182.

If in step 185, the check indicates the counter
parameter has reached the final count, in a step 176, the
coupon allowing usage of the software is expired. This
is handled as is illustrated by Figure 15 below.

Figure 13 is a flowchart which illustrates a style of
software metering which allows usage of software for a
set duration of time. This style of software metering is
useful, for example, for examinations, trials of software
or for game applications. In this style of software
metering, after the coupon is activated in step 165, in a step
191, a duration parameter is set which indicates the total
access time allowed without further accesses to a host
management system. The current accumulated time is
also initialized to zero. After the duration of time has
been met, a user will not be allowed to access the
software. In a step 192, when a user uses the computer, if
it is detected in a step 193, that the user has accessed
the software, a time stamp is used to record the starting
(current) time at which use of the software begins.

In a step 195, when a user uses the computer, if it
is detected in a step 196, that the user has exited the
software, in a step 197, the accumulated time is
increased by the amount of time the software was used.
As illustrated by Figure 13, the amount the accumulated
time is increased is the difference between the current
time and the begin time stored in step 194. After
calculation of accumulated time in step 197, step 192 is
repeated.

If in step 196, it is determined that the user has not
exited the software, in a step 198 a check is made as to
whether the duration of time has expired (i.e.,
accumulated time + (current time - begin time) >= Total access
time (D)). If the duration time has not expired, in a step
199, a delay is taken, depending on required accuracy,
before checking for user activity in a step 195.

If, in step 198, the check indicates the duration of
time has expired, in a step 176, the coupon allowing
usage of the software is expired. This is handled as is
illustrated by Figure 15 below.
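
The duration style of Figure 13, as an added example that is not part of the patent. The class and method names are hypothetical, and the clock is assumed to be a monotonic timer rather than the wall clock, so that changing the system date does not alter the measured time.

```python
import time

class DurationMeter:
    """Duration-style coupon (Figure 13); names are illustrative assumptions."""

    def __init__(self, total_access_time, clock=time.monotonic):
        self.total = total_access_time  # D, set in step 191
        self.accumulated = 0.0          # initialized to zero in step 191
        self.begin = None               # time stamp taken when software is entered
        self.active = True              # activation status (Figure 15, step 214)
        self.clock = clock              # assumed monotonic time source

    def expired(self):
        """Step 198: accumulated + (current - begin) >= D."""
        running = 0.0 if self.begin is None else self.clock() - self.begin
        return self.accumulated + running >= self.total

    def enter(self):
        """Steps 192-193: user accesses the software; record the begin time."""
        if not self.active or self.expired():
            return self._expire()
        self.begin = self.clock()
        return True

    def exit(self):
        """Steps 196-197: add (current time - begin time) to accumulated time."""
        if self.begin is not None:
            self.accumulated += self.clock() - self.begin
            self.begin = None

    def poll(self):
        """Steps 198-199: call after each delay while the software is in use."""
        if self.expired():
            return self._expire()
        return True

    def _expire(self):
        """Step 176 and Figure 15: close the session and mark the coupon inactive."""
        self.exit()
        self.active = False
        return False
```

Only `accumulated` and `active` need to survive between sessions; the begin time stamp is meaningful only while the software is running.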

Figure 14 is a flowchart which illustrates a style of
software metering which allows usage of software for an
interaction level. This style of software metering is
useful, for example, for game applications. In this style of
software metering, after the coupon is activated in step
165, in a step 201, certain access levels are authorized.
These indicate which access levels may be utilized by
a user. In a step 202, when a user uses the computer,
if it is detected in a step 203 that the user has not
completed an access level, the user is allowed continued
access to the software.

If it is detected in a step 203 that the user has
completed an access level, in a step 204, a check is made
to determine whether the user is authorized to use the
next level. If it is determined in step 204 that the user is
authorized to use the next level, the user is allowed
continued access to the software and returns to step 202.

If it is determined in step 204 that the user is not
authorized to use the next level, in step 176, the coupon
allowing usage of the software is expired. This is
handled as is illustrated by Figure 15 below.

Figure 15 is a flowchart which illustrates what
happens when in step 176, the coupon allowing usage of
the software is expired. In a step 211, access to the
software is canceled and the parameters are reset. In a step
212, the user is queried as to whether additional use is
requested. If in step 212, the user indicates no additional
use is desired, in a step 213, the work is saved for later
access by the user or by the remote management
system and the software is exited. In a step 214, the
activation status is placed as inactive, which will prevent
further access to the software.

If in step 212, the user indicates additional use is
desired, control is returned to step 161, shown in Figure
10. In step 161, a request for activation, re-activation or
change of parameters in software is made.

The foregoing discussion discloses and describes
merely exemplary methods and embodiments of the
present invention. As will be understood by those
familiar with the art, the invention may be embodied in other
specific forms without departing from the spirit or
essential characteristics thereof. Accordingly, the disclosure
of the present invention is intended to be illustrative, but
not limiting, of the scope of the invention, which is set
forth in the following claims.

Claims 

1. A method for providing protection for a remote
computer (16-21) comprising the following step:

(a) when a determination is made to invoke
protection of the remote computer (16-21), performing
the following substeps:

(a.1) contacting the remote computer (16-21)
by a management information system (11) using
a communication path (10,12-15,22),
(a.2) instructing the remote computer (16-21)
by the management information system (11)
through the communication path (10,12-15,22)
to perform an action to protect the remote
computer (16-21), and
(a.3) performing, by the remote computer
(16-21), the action to protect the remote
computer (16-21).

2. A method as in claim 1 wherein in step (a) the
determination to invoke protection of the remote
computer (16-21) is made upon one of the following
circumstances:

when the remote computer (16-21) is lost;
when the remote computer (16-21) is stolen.

3. A method as in claim 1 or 2 wherein in substep
(a.3) the action to protect the remote computer (16-21)
is one of the following:

to lock the remote computer (16-21) to prevent
unauthorized use;
to erase data within the remote computer
(16-21) to prevent unauthorized access to the
data;
to encrypt data within the remote computer
(16-21) to prevent unauthorized access to the
data.

4. A method as in claim 1, 2 or 3 wherein in substep
(a.1) the communication path (10,12-15,22) is via
one of the following:

two-way pager (15);
a cellular telephone link (14); and,
an internet system (12).

5. A security protection device within a computer
comprising:

a communication path (10,12-15,22) interface
for receiving a communication instructing the
remote computer (16-21) to perform an action
to protect the remote computer (16-21); and,
security invocation means, coupled to the
communication path (10,12-15,22) interface, for,
upon receipt of the communication instructing
the remote computer (16-21) to perform the
action to protect the remote computer (16-21),
performing the action to protect the remote
computer (16-21).

6. A security protection device as in claim 5 wherein
the security invocation means comprises one of the
following:

a locking mechanism (151) which locks the
remote computer (16-21) to prevent unauthorized
use;
an erasing mechanism (151) which erases data
within the remote computer (16-21) to prevent
unauthorized access to the data; and,
an encryption mechanism (151) which encrypts
data within the remote computer (16-21) to
prevent unauthorized access to the data.

7. A security protection device as in claim 5 or 6
wherein the communication path (10,12-15,22) is
via one of the following:

a two-way pager (15);
a cellular telephone link (14); and,
an internet system (12).
